From 86590a9d84602ac529b7b64394d78baca4925455 Mon Sep 17 00:00:00 2001
From: Martin Fischer <martin@push-f.com>
Date: Wed, 18 Dec 2024 09:27:31 +0100
Subject: tente: add headscale

---
 nixos/tente-configuration.nix | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/nixos/tente-configuration.nix b/nixos/tente-configuration.nix
index 459fe87..bef490c 100644
--- a/nixos/tente-configuration.nix
+++ b/nixos/tente-configuration.nix
@@ -101,6 +101,25 @@ in
       group = "www-data";
     };
 
+    headscale = {
+      enable = true;
+      port = 8080;
+      # TODO: make dataDir configurable and set it to /srv/
+      settings = {
+        server_url = "https://${domains.tailscaleControlServer}";
+        dns = { base_domain = "tailnet"; };
+      };
+    };
+
+    nginx.virtualHosts.${domains.tailscaleControlServer} = {
+      enableACME = true;
+      forceSSL = true;
+      locations."/" = {
+        proxyPass = "http://localhost:${toString config.services.headscale.port}";
+        proxyWebsockets = true;
+      };
+    };
+
     nginx.virtualHosts.${domains.personalWebsite} = {
       enableACME = true;
       forceSSL = true;
-- 
cgit v1.2.3